Globe Telecom Customer Story

As the appointed protector of Globe
Telecom’s subscriber data – and nearly 1.05 million retailers,
distributors, suppliers and business partners — CISO Anton Bonifacio,
takes his role very seriously. "We don’t have people’s messages
but we know who they called, who their friends are and where they’ve
been," he explained. "We have the details of people’s lives
and it’s imperative to do everything we can to protect it and to
ensure their privacy."

To make sure that its data is secure,
Globe has invested in a wide range of FireEye solutions and services.
The company’s pervasive network is protected against known and unknown
advanced attacks by the FireEye Network Security (NX) platform. The
rapid detection and accuracy of alerts enables Globe to focus on
events that pose a genuine threat.

“Our partnership with FireEye covers the entire threat lifecycle - It is really about the whole industry experience that FireEye brings: I just can’t do without it.”

- Anton Bonifacio, CISO, Globe Telecom

"Our infrastructure is huge but we’re
only as strong as the weakest link: Each asset across the network is
important and we need to ensure we secure every single element,"
described Bonifacio. To address the challenge of extending protection
to each of its more than 10,000 endpoints, Globe deployed FireEye
Endpoint Security (HX series). HX assesses activities to identify
exploits at onsite and remote locations, making it possible to
immediately isolate compromised devices to stop attacks — all with a
single click. Bonifacio continued. "Every endpoint counts and HX
gives us the ability to instantly confine a threat and investigate the
incident without risking further infection."

The FireEye Email Threat Prevention Cloud
(ETP) secures what is typically one of the most vulnerable attack
vectors: Email-based attacks, in particular spear phishing, remain one
of the favored methods of launching advanced persistent threats (APTs)
due to the complexity involved in detecting them. ETP is a SaaS
solution that protects mailboxes against advanced email attacks and
provides anti-spam and antivirus software capabilities. ETP seamlessly
integrates with the FireEye NX platform to defend against blended
attacks that attempt to exploit multiple threat vectors. Bonifacio
noted, "ETP is a key component in our layered defense strategy
and as it’s specifically tailored for cloud-based environments it is
the perfect fit with our Google email system."

Globe utilizes the FireEye Central
Management (CM) series to consolidate device and intelligence
management, enabling the correlation of threat data across all of its
FireEye components.

Being reactive and proactive

Bonifacio is very confident in the
effectiveness of the security solutions he has implemented but feels
that this is only half of the challenge: "We have to protect
everything across the entire environment; however attackers only have
to find one tiny weakness. There is an inevitability that breaches
will occur and I believe once you’ve done due diligence in securing
your infrastructure, what’s then most important is how you actually
react when you are compromised.

"We have implemented world class
defenses," he stated, "but if a breach does occur we don’t
try to hide it. We report every violation to our executive team. Being
breached is most definitely not an indication that we failed; for me
it’s how we handle the incident — and what we learn from it — that
determines success or failure."

Although placing an emphasis on
prevention, to fully deliver on his strategy, Bonifacio has invested
in additional services from FireEye’s Mandiant team to complement his
implementation of FireEye CM, NX, and ETP solutions.

Global Telecom Profile

Globe Telecom (commonly referred to as Globe) operates one of the
largest mobile, landline, and broadband networks in the Philippines.
In addition to 3.5 million broadband customers, its 6,200 employees
provide services to 50 million mobile subscribers, and almost a
million landline users.

Featured Products

“The Mandiant team is fully familiar with our environment and helps ensure that all the individual elements work in harmony to achieve our overall security goals.”

- Anton Bonifacio, CISO, Globe Telecom

Constant vigilance

"To ensure that Globe’s defenses are
always optimized to combat the latest threats, it schedules regular
Mandiant Vulnerability Assessments to identify possible security
weaknesses that could be exploited by attackers. Bonifacio noted,
"Cyber criminals are relentless and very creative: It’s
imperative that we continually evaluate the ability of our security
posture to defend against attacks. The Vulnerability Assessment
distills the experience and expertise of the Mandiant consultants and
equips us with the knowledge we need to constantly reduce risk and
improve how we operate."

Bonifacio has further extended the
capabilities and capacity of his in-house resources by subscribing to
FireEye as a Service (FaaS): "It’s really reassuring to know
there is a team monitoring our environment round the clock. FaaS gives
me validation that a potential threat is actually real and immediately
follows this by looking for signs of compromise. If things start to
get really active, I now don’t have to worry that we won’t have the
necessary bandwidth to effectively respond to incidents: If I need
extra feet on the ground, I get them from FireEye."

To enhance its proficiency to handle
possible breach situations, Globe invests in Mandiant Incident
Response Services to investigate intrusions and targeted attacks.
Using state-of-the-art proprietary technologies, Mandiant consultants
identify the actions of the attacker, the scope of the breach and
quantify possible data loss. Priority is given to eradicating the
vulnerability and re-securing the infrastructure to prevent subsequent
exploitation. "Nothing else matters if you cannot detect and
respond to attacks in an expedient, effective manner. Doing this
requires that you quickly quantify what you’re dealing with: The
Mandiant Incident Response team leaps into action as soon as a breach
is suspected and equip me with what I need to know."

Collective wisdom

Bonifacio also utilizes Mandiant Cyber
Defense Center Development (CDCD) to further refine and enhance the
capabilities of his own team. He commented, "A defense in depth
strategy is no longer just about prevention, it needs to be supported
by world-class security operations utilizing tailored processes and procedures."

CDCD brings the collective intelligence
and expertise of the global Mandiant team to focus on helping
organizations create an adaptive defense strategy capable of
minimizing risk and the impact of a breach. "Cyber crime is a
global threat: It is not enough to know about just one region; you
have to learn from what is happening all over the world,"
reflected Bonifacio. "CDCD enables us to benefit from the best
practices and proven techniques, collected from thousands of
first-hand experiences from every corner of the world. The Mandiant
team is fully familiar with our environment and helps ensure that all
the individual elements work in harmony to achieve our overall
security goals."

He concluded, "Our partnership with
FireEye covers the entire threat lifecycle. I worked extensively with
FireEye and Mandiant prior to coming to Globe and don’t even look at
the investment from a cost perspective: The capabilities complement
and enhance my security operations. It is really about the whole
industry experience that FireEye brings: I just can’t do without it."